Private Key - Geek Feed

Malicious Rust packages on Crates.io steal crypto wallet keys

September 29, 2025September 29, 2025 geekfeed0Tagged CryptoCurrency, Ethereum, Open Source, Private Key, Rust, Solana

Two malicious packages with nearly 8,500 downloads in Rust’s official crate repository scanned developers’ systems to steal cryptocurrency private keys and other secrets. Rust crates are distributed through a central registry at Crates.io, the equivalent of npm for JavaScript, PyPI for Python, and Ruby Gems for Ruby. The malicious crates, named faster_log and async_println, were published on the platform on […]

2 mins read

Ripple’s recommended XRP library xrpl.js hacked to steal wallets

April 24, 2025April 24, 2025 geekfeed0Tagged CryptoCurrency, npm, Private Key, Ripple, Seeds, Wallet, xrpl.js

The recommended Ripple cryptocurrency NPM JavaScript library named “xrpl.js” was compromised to steal XRP wallet seeds and private keys and transfer them to an attacker-controlled server, allowing threat actors to steal all the funds stored in the wallets. Malicious code was added to versions 2.14.2, 4.2.1, 4.2.2, 4.2.3, and 4.2.4 of the xrpl NPM package […]

3 mins read

Solana Web3.js library backdoored to steal secret, private keys

December 5, 2024December 5, 2024 geekfeed0Tagged CryptoCurrency, Library, Private Key, Secret Key, Solana, Supply Chain Attack, Web3.js

The legitimate Solana JavaScript SDK was temporarily compromised yesterday in a supply chain attack, with the library backdoored with malicious code to steal cryptocurrency private keys and drain wallets. Solana offers an SDK called “@solana/web3.js” used by decentralized applications (dApps) to connect and interact with the Solana blockchain. Supply chain security firm Socket reports that Solana’s Web3.js […]

4 mins read